Manualshelf

User Guide

ManualsBrandsMacromedia ManualsOtherBREEZE 5
81828384858687888990
Configuring FCS for SSL 81
To configure FCS manually:
1.
Stop all Breeze services.
2.
Open the Adaptor.xml file by using a text editor such as Notepad.
3.
Make a backup of the current Adaptor.xml configuration file by saving it as Adaptor.bak.
4.
Search for the <SSL> tag where the SSL schema is located.
5.
Search for the variable(s) you want to set.
6.
Enter the new value(s).
7.
Save the modified file as Adaptor.xml.
8.
Use the procedure outlined in steps 2 through 7 to reconfigure the Server.xml file for SSL.
9.
Restart all Breeze services.
Server.xml SSLCACertificatePath [none] Specifies the name of a directory containing CA
certificates. Each file in the directory must contain
only a single CA certificate, and the files must be
named by the subject name's hash, and an
extension of ".0".
Win32 Only: If this tag is empty, FCS will attempt
to find CA certificates in the certs directory
located at the same level as the conf directory.
The Windows cert store can be imported into this
directory by running FCSMaster -console -
initialize from the command line.
Server.xml SSLRandomSeed 16 Specifies the number of bytes of entropy to use
for seeding the pseudo-random number
generator (PRNG). Entropy is a measure of
randomness. The more entropy, the more random
numbers from the PRNG will be.
The default number is 16. You cannot specify less
than 8 bytes,
Server.xml SSLSessionCacheGC 5 Specifies in minutes how often to flush expired
sessions from the server-side session cache.
Server.xml SSLVerifyCertificate true Configures the server to act as an SSL client (out-
going SSL connections). The tag specifies
whether or not to verify the certificate that is
returned by the server being connected to.
Certificate verification is enabled by default. To
disable certificate verification, specify false.
Warning: Disabling the certificate verification
can result in a security risk.
Server.xml SSLVerifyDepth 9 Configures the server to act as an SSL client (out-
going SSL connections).
The tag specifies the maximum depth in the
certificate chain we are willing to accept. If a self-
signed root certificate cannot be found within this
depth, the certificate verification will fail.
FCS File XML Tag Default Description